Compliance

Purpose & Scope

Enable DT agility & security to scale with defined risk based security controls that protect integrity, confidentiality, and availability of all Solvay information.  

Value proposition

• Provide a Solvay Security Controls Catalog that contains the required controls aligned with Solvay Security Policies and Standards, that can be used by DT as a master referential for compliance and overall risk reduction
• Oversee the execution of Solvay’s cybersecurity controls, in cooperation with Internal Audit and Risk, to 
• enable business operations in a particular market or with a particular customer
• enable  compliance with applicable statutory and regulatory obligations

Why & When should I get in touch with Group Security’s Compliance Program team members ?

Group Security has been asked to ensure Solvay improves its cybersecurity control maturity in order to reduce risk.

• Advise on the control meaning, and what steps you can take to meet the control objective. 
• Advise on design of a compensating control when you are unable to meet the control objectives
• Assessment support for customer supply chain surveys that are focused on cybersecurity practices in Solvay.
• DT Third Party Supplier assessments for new goods and services.

Compliance Tooling

Solvay Security Controls Catalog (SSCC)

• Built using the Secure Controls Framework
• Includes controls from the following frameworks: ISO 27001 v 2013, ISO 27002:2022, NIST CSF v1.1, CIS CSC v8.0

Refer to this presentation for a complete description on how the SSCC was developed! 

Compliance Governance

Coming Soon!

USEFUL LINKS

• Solvay Security Control Catalog Sheet (SSCC)
• List of Mapped Cybersecurity Policies in the SSCC
• ISO IEC 27002_2022 English Reference

• SSCC Awesome Table
• Tips & Tricks
• SSCC Awesome Table Demo 

          Return to:

• GRC Homepage
• Risk
• Governance

          Contact Us!